Secret CISO 6/11: Snowflake and Cylance Data Breaches, 23andMe Under Investigation, Apple Invites Security Experts to Test AI

Welcome to today's issue of Secret CISO. We're diving into a whirlpool of data breaches, security incidents, and investigations. TechCrunch is unraveling the mystery of an alleged data broker's data breach, while Snowflake, Cylance, and Pure Storage are all dealing with their own security incidents. In the healthcare sector, Best Health Physical Therapy and Panorama Eyecare have announced data breaches, while Celerium has released a white paper on the challenges facing healthcare executives in the wake of data breaches. Genetic testing company 23andMe is under joint investigation in the UK and Canada following a massive data breach.

Meanwhile, the Nigerian government is imposing sanctions on agents over data breach concerns. In other news, Apple is inviting security experts to test its AI, and we have a slew of research updates, from AdaCore's security-hardened Ada runtime to a Darwinian theory of network security, and more. Stay tuned for more updates on these stories and more in today's issue of Secret CISO.

Data Breaches

  1. Data Breach at Cylance: Cylance, BlackBerry's cybersecurity unit, has confirmed a data breach after samples of the data were offered on a dark web forum. The company says it is responding to the incident. Source: MSSP Alert
  2. Pure Storage Data Breach: Pure Storage confirmed a security incident in which a third party temporarily gained unauthorized access to one of its Snowflake data-analytics workspaces. The intrusion is part of the wider campaign against Snowflake customer accounts, which relied on stolen credentials used against accounts without multi-factor authentication. The company says the issue has since been addressed. Source: Bleeping Computer
  3. Data Breach at Best Health Physical Therapy: Best Health Physical Therapy announced a data breach dated February 26, 2024, in which an unauthorized actor gained access to its systems. The company is still investigating the extent of the breach. Source: Security Magazine
  4. Panorama Eyecare Data Breach: Panorama Eyecare, a Colorado-based eye care management company, reported a data breach that occurred in May 2023, affecting 377,911 individuals. The company has since notified the affected individuals. Source: HealthITSecurity
  5. 23andMe Data Breach: Genetic testing company 23andMe is under joint investigation by the privacy authorities of Canada and the UK over its 2023 data breach. The investigation aims to assess whether the company could have done more to prevent it. Source: Malwarebytes

Security Research

  1. Apple Says Its AI Sets a 'New Standard' for Privacy, Invites Security Experts to Test It: Apple has invited security researchers to test its AI technology, claiming it sets a new standard for privacy. The company wants the privacy and security guarantees of Private Cloud Compute to be independently verifiable with a high degree of confidence. Source: CNET
  2. China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics: Security researcher Xiaopeng Zhang reports that the China-linked ValleyRAT malware has resurfaced with new data theft capabilities. The latest variant can harvest the victim's email contacts when Thunderbird is the installed mail client. Source: The Hacker News
  3. Beyond penetration testing: A Darwinian theory of network security: New research argues that the IT and telecoms sectors have dedicated record levels of resources to cybersecurity. The study proposes a Darwinian theory of network security, emphasizing the need for continuous evolution and adaptation to threats rather than point-in-time testing. Source: VanillaPlus
  4. AdaCore Research Proves Novel Solution for "Security by Default": AdaCore's research has produced a security-hardened Ada runtime running on Arm's Morello (CHERI) platform, offering a novel approach to "security by default" in which memory-safety protections are enforced by the runtime and hardware rather than left to each application. Source: Morningstar
  5. Ekundayo: Nigerian information security expert pioneering AI solutions: Toheeb Ekundayo, an information security expert, data engineer, and researcher, is pioneering AI solutions in Nigeria, applying them to complex information security problems. Source: Tribune Online

Top CVEs

  1. CVE-2022-32933: An information disclosure issue was addressed by removing the vulnerable code in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing. Source: CVE-2022-32933
  2. CVE-2022-32897: A memory corruption issue was addressed with improved validation in macOS Monterey 12.5. Processing a maliciously crafted TIFF file may lead to arbitrary code execution. Source: CVE-2022-32897
  3. CVE-2022-48578: An out-of-bounds read was addressed with improved bounds checking in macOS Monterey 12.5. Processing an AppleScript may result in unexpected termination or disclosure of process memory. Source: CVE-2022-48578
  4. CVE-2024-24704: Missing Authorization vulnerability in the AddonMaster Load More Anything WordPress plugin. This issue affects Load More Anything: from n/a through... Source: CVE-2024-24704
  5. CVE-2024-22279: Improper handling of requests in Routing Release allows an unauthenticated attacker to degrade the availability of a Cloud Foundry deployment by sending requests at a high rate. Source: CVE-2024-22279

API Security

  1. CVE-2024-2012: A vulnerability in the FOXMAN-UN/UNEM server / API Gateway could allow an attacker to execute unintended commands or code on the UNEM server, potentially leading to sensitive data being read or modified. Source: CVE-2024-2012
  2. CVE-2024-2013: An authentication bypass vulnerability in the FOXMAN-UN/UNEM server / API Gateway component could allow attackers with no prior access to interact with the services and mount post-authentication attacks. Source: CVE-2024-2013
  3. CVE-2023-28775: A Missing Authorization vulnerability in Yoast SEO Premium could potentially be exploited. The issue affects Yoast SEO Premium: from n/a through... Source: CVE-2023-28775
  4. CVE-2024-29855: A hard-coded JWT secret in Veeam Recovery Orchestrator allows an attacker who recovers the secret to mint valid tokens and bypass authentication. Source: CVE-2024-29855
  5. CVE-2024-37168: @grpc/grpc-js can allocate memory for incoming messages well above configured limits, potentially leading to a denial of service. This has been patched in versions 1.10.9, 1.9.15, and... Source: CVE-2024-37168
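To show why a hard-coded JWT signing secret (the class of bug behind CVE-2024-29855 above) amounts to an authentication bypass, here is an added, self-contained Python example; it is not Veeam's code, and the secret value, the audience string "orchestrator-api" and the claim names are hypothetical. It implements HS256 minting and verification with the standard library only, shows a token forged with the recovered secret being accepted by a service that still uses that secret, and shows the same forgery rejected once the secret is generated per deployment. The verifier also pins the algorithm and checks expiry and audience, which are the checks a practitioner expects alongside the signature.

```python
import base64
import hashlib
import hmac
import json
import os
import secrets
import time
from typing import Optional

# Constructed, hypothetical value standing in for a secret baked into a shipped binary.
HARDCODED_SECRET = b"example-hardcoded-secret-recovered-from-binary"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_jwt(claims: dict, secret: bytes) -> str:
    """HS256 JWT: base64url(header).base64url(payload).base64url(HMAC-SHA256)."""
    header = {"alg": "HS256", "typ": "JWT"}
    h_b64 = _b64url(json.dumps(header, separators=(",", ":")).encode())
    p_b64 = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{h_b64}.{p_b64}"
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_jwt(token: str, secret: bytes, expected_aud: str,
               now: Optional[float] = None) -> Optional[dict]:
    """Return the claims if alg, signature, exp and aud all check out, else None."""
    try:
        h_b64, p_b64, s_b64 = token.split(".")
    except ValueError:
        return None
    header = json.loads(_b64url_decode(h_b64))
    # Pin the algorithm: never let the token's own "alg" field choose the verifier.
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s_b64)):
        return None
    claims = json.loads(_b64url_decode(p_b64))
    now = time.time() if now is None else now
    if claims.get("exp", 0) <= now or claims.get("aud") != expected_aud:
        return None
    return claims


def forge_with_known_secret(username: str, role: str, now: float) -> str:
    """What an attacker holding the hard-coded secret can do: mint an admin token."""
    claims = {"sub": username, "role": role, "aud": "orchestrator-api", "exp": now + 3600}
    return mint_jwt(claims, HARDCODED_SECRET)


def load_runtime_secret() -> bytes:
    """Hardened form: the secret is injected at deploy time, never compiled in."""
    value = os.environ.get("JWT_SIGNING_SECRET")  # hypothetical variable name
    if value is None or len(value) < 32:
        raise RuntimeError("JWT_SIGNING_SECRET missing or shorter than 32 characters")
    return value.encode()


def demo() -> tuple:
    """Returns (accepted_by_vulnerable_service, accepted_by_hardened_service)."""
    now = 1_700_000_000.0
    forged = forge_with_known_secret("admin", "Administrator", now)
    # Vulnerable service verifies against the baked-in secret, so the forgery passes.
    vulnerable_ok = verify_jwt(forged, HARDCODED_SECRET, "orchestrator-api", now) is not None
    # Hardened service uses a per-deployment random secret; the same token is rejected.
    fresh_secret = secrets.token_bytes(32)
    hardened_ok = verify_jwt(forged, fresh_secret, "orchestrator-api", now) is not None
    return vulnerable_ok, hardened_ok


if __name__ == "__main__":
    print(demo())
```

The point the example makes is that the signature check itself is sound; the weakness is entirely in where the key lives. Once a secret is shipped inside a binary it is effectively public, so the remediation is a unique, randomly generated secret per installation (and a rotation path), not a stronger algorithm.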

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of Secret CISO, we can't help but reflect on the myriad of data breaches and security incidents that have unfolded. From the mystery of an alleged data broker's breach to the challenges facing healthcare executives, it's clear that cybersecurity is a pressing concern across all sectors. We hope that our daily round-up has provided you with valuable insights and information to help you stay ahead of potential threats. Remember, knowledge is power when it comes to cybersecurity.

If you found today's newsletter helpful, why not share it with your friends and colleagues? Let's work together to create a safer digital world.

Stay safe and see you tomorrow for more updates from the world of cybersecurity!

By Secret CISO